Communication terminal, communication system, communication terminal control method, and program

ABSTRACT

A communication terminal including: a first normal operation determination unit determines whether an external communication network relay device is operating normally; a terminal selection unit selects a substitute communication terminal for executing a first substitute process for the external communication network relay device; a first instruction unit, when the own communication terminal is selected, instructs an internal wireless communication network relay device to perform processes of relaying a connection information allocation request and a response to the allocation request between the requesting communication terminal and the own communication terminal, relaying data relating to authentication between the own communication terminal and the authentication device, and relaying data for the external communication network to the external communication network; and a second instruction unit instructs a bypassing relay device to perform a process for relaying the data relating to authentication between the internal wireless communication network relay device and the authentication device.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a National Stage of International Application No.PCT/JP2018/006715 filed Feb. 23, 2018, claiming priority based onJapanese Patent Application No. 2017-056929 filed Mar. 23, 2017, thecontents of which are incorporated herein by reference.

TECHNICAL FIELD

The present invention relates to a communication terminal, acommunication system, a communication terminal control method and aprogram.

BACKGROUND ART

Technologies for providing continual communication services even when amalfunction occurs in a mobile communication system are known.

Patent Document 1 describes a technology wherein, when a malfunctionoccurs in a P-CSCF (Proxy-Call Session Control Function) that is a firstaccess point of a terminal and that manages terminal information, theterminal registers the terminal information in a P-CSCF different fromthe first P-CSCF.

Patent Document 2 describes a technology, in an SAE (System ArchitectureEvolution) type mobile communication system, wherein transmissionprocessing and reception processing of communications using PCC control(Policy and Charging Control) is performed even if a malfunction occursin a PCRF (Policy and Charging Rules Function) for determining policycontrol or billing control rules.

Patent Document 3 describes a technology that provides continualtelephone connection service while limiting communication costs. In thetechnology described in Patent Document 3, when there is an IP (InternetProtocol) path malfunction between a transmission-side node and areception-side node, the transmission-side node bypasses a publicnetwork and selects the relay node that minimizes the cost. Furthermore,the transmission-side node establishes a communication route to theselected relay node. The relay node establishes communication to thereception-side node by bypassing the public network.

CITATION LIST Patent Literature

[Patent Document 1]

Japanese Unexamined Patent Application, First Publication No.2016-063237

[Patent Document 2]

Japanese Unexamined Patent Application, First Publication No.2014-239469

[Patent Document 3]

Japanese Unexamined Patent Application, First Publication No.2009-159512

SUMMARY OF INVENTION Problems to be Solved by the Invention

When a malfunction occurs in a communication system due to a disaster orthe like, there may be cases in which communication is not possiblebetween a base station and an authentication device. In a communicationsystem under such a condition, the sequence will stop at theauthentication stage for new terminals. For this reason, terminals inwhich authentication has not been completed before the occurrence of themalfunction will not be able to carry out data communications.

In response thereto, Patent Document 1, Patent Document 2 and PatentDocument 3 describe measures to be taken when a malfunction occurs in acommunication system, but they do not describe measures to be taken whenit is not possible to communicate with an authentication device due tothe malfunction. In other words, the technologies described in PatentDocument 1, Patent Document 2 and Patent Document 3 have the problemthat new terminals cannot carry out data communications when amalfunction occurring in a communication system makes it impossible tocommunicate with an authentication device.

An object of the present invention is to provide a communicationterminal, a communication system, a communication terminal controlmethod and a program that solve the abovementioned problem.

Means for Solving the Problems

According to a first aspect of the present invention, a communicationterminal comprises: a first normal operation determination unitconfigured to determine whether or not an external communication networkrelay device, which requests an authentication device to authenticatecommunication terminals, is operating normally; a terminal selectionunit configured to, when the first normal operation determination unitdetermines that the external communication network relay device is notoperating normally, select, from among a plurality of communicationterminals including the own communication terminal, a substitutecommunication terminal for executing a first substitute process for theexternal communication network relay device; a first instruction unitconfigured to, when the own communication terminal is selected as thesubstitute communication terminal, instruct an internal wirelesscommunication network relay device, which is a relay destination fordata from the plurality of communication terminals, to perform processesof relaying a connection information allocation request from arequesting communication terminal and a response to the allocationrequest between the requesting communication terminal and the owncommunication terminal, relaying data relating to authentication of therequesting communication terminal between the own communication terminaland the authentication device, and relaying data for the externalcommunication network from the requesting communication terminal to theexternal communication network via the own communication terminal; and asecond instruction unit configured to instruct a bypassing relay devicethat relays the data for the external communication network between theinternal wireless communication network relay device and the externalcommunication network to further perform a process for relaying the datarelating to authentication between the internal wireless communicationnetwork relay device and the authentication device.

According to a second aspect of the present invention, a communicationsystem comprises: a plurality of communication terminals; an internalwireless communication network relay device, which is a relaydestination for data from the plurality of communication terminals; anexternal communication network relay device configured to, when aconnection information allocation request is received from a requestingcommunication terminal via the internal wireless communication networkrelay device, request an authentication device to authenticate therequesting communication terminal, allocate the connection informationto the authenticated requesting communication terminal, and transmit theallocated connection information to the authenticated requestingcommunication terminal via the internal wireless communication networkrelay device; and a bypassing relay device configured to relay data forthe external communication network, from the requesting communicationterminal that used the allocated connection information, between theinternal wireless communication network relay device and the externalcommunication network; wherein at least one of the plurality ofcommunication terminals is the above-described communication terminal.

According to a third aspect of the present invention, a communicationterminal control method comprises steps of: determining whether or notan external communication network relay device, which requests anauthentication device to authenticate communication terminals, isoperating normally; when it is determined that the externalcommunication network relay device is not operating normally, selecting,from among a plurality of communication terminals including the owncommunication terminal, a substitute communication terminal forexecuting a first substitute process for the external communicationnetwork relay device; when the own communication terminal is selected asthe substitute communication terminal, instructing an internal wirelesscommunication network relay device, which is a relay destination for theplurality of communication terminals, to perform processes of relaying aconnection information allocation request from a requestingcommunication terminal and a response to the allocation request betweenthe requesting communication terminal and the own communicationterminal, relaying data relating to authentication of the requestingcommunication terminal between the own communication terminal and theauthentication device, and relaying data for the external communicationnetwork from the requesting communication terminal to the externalcommunication network via the own communication terminal; andinstructing a bypassing relay device that relays the data for theexternal communication network between the internal wirelesscommunication network relay device and the external communicationnetwork to further perform a process for relaying the data relating toauthentication between the internal wireless communication network relaydevice and the authentication device.

According to a fourth aspect of the present invention, a program makes acomputer perform processes of: determining whether or not an externalcommunication network relay device, which requests an authenticationdevice to authenticate communication terminals, is operating normally;when it is determined that the external communication network relaydevice is not operating normally, selecting, from among a plurality ofcommunication terminals including the own communication terminal, asubstitute communication terminal for executing a first substituteprocess for the external communication network relay device; when theown communication terminal is selected as the substitute communicationterminal, instructing an internal wireless communication network relaydevice, which is a relay destination for the plurality of communicationterminals, to perform processes of relaying a connection informationallocation request from a requesting communication terminal and aresponse to the allocation request between the requesting communicationterminal and the own communication terminal, relaying data relating toauthentication of the requesting communication terminal between the owncommunication terminal and the authentication device, and relaying datafor the external communication network from the requesting communicationterminal to the external communication network via the own communicationterminal; and instructing a bypassing relay device that relays the datafor the external communication network between the internal wirelesscommunication network relay device and the external communicationnetwork to further perform a process for relaying the data relating toauthentication between the internal wireless communication network relaydevice and the authentication device.

Advantageous Effects of Invention

According to at least one of the above-described aspects, acommunication terminal is able to authenticate and carry out datacommunications with new terminals even when a malfunction occurs and anauthentication device cannot be used for authentication.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram illustrating the structure of a communication systemaccording to one embodiment.

FIG. 2 is a schematic block diagram illustrating the structure of aterminal according to one embodiment.

FIG. 3 is a diagram illustrating the flow of a communication procedureduring a normal situation in a communication system.

FIG. 4 is a diagram illustrating the flow of a communication procedurewhen a malfunction occurs in a second gateway device in a communicationsystem.

FIG. 5 is a diagram illustrating the flow of an operating procedure whena malfunction occurs in a second gateway device and an authenticationserver in a communication system.

FIG. 6 is a diagram illustrating the flow of an operating procedure in acommunication system when a second gateway device and an authenticationserver have recovered.

FIG. 7 is a diagram illustrating the flow of an operating procedure in acommunication system 1 when an authentication server recovers while asecond gateway device is still in a malfunction state.

FIG. 8 is a diagram illustrating the flow of an operating procedure in acommunication system 1 when a second gateway device recovers while anauthentication server is still in a malfunction state.

FIG. 9 is a schematic block diagram illustrating the basic structure ofa terminal.

DESCRIPTION OF EMBODIMENTS

Hereinafter, embodiments of the present invention will be explained indetail with reference to the drawings.

FIG. 1 is a diagram illustrating the structure of a communication systemaccording to one embodiment.

The communication system 1 comprises a terminal 10, plurality ofterminals 20, a terminal 100, a first gateway device 30, a secondgateway device 40, a bypassing relay device 50, an authentication server60 and an external communication network 70.

The terminal 10 is a communication terminal such as, for example, aso-called smartphone terminal, a cellular telephone terminal or thelike. When a malfunction occurs in at least one of the second gatewaydevice 40 and the authentication server 60, the terminal 10 performs apredetermined process so as to allow a new terminal 100 to access theexternal communication network 70.

The terminals 20 and 100 are terminals having functions similar to thoseof the terminal 10. For this reason, both the terminals 20 and 100 canfunction as terminals 10.

The first gateway device 30 functions as an S-GW (serving gateway) andan MME (mobility management entity). The first gateway device 30 managestasks such as registering the positions of the terminals 10, 20 and 100,issuing calls, and performing handover between base stations, as well asrelaying data.

Normally, for connection information allocation requests and responsesto said allocation requests, the first gateway device 30 relays theallocation requests between the terminal (e.g., the terminal 100) thatmade the allocation request and the second gateway device 40. Theexpression “normally” refers to cases in which there are no malfunctionsin the communication system 1. The connection information includes an IPaddress, a DNS (Doman Name System) address or the like. Additionally,the first gateway device 30 relays data for the external communicationnetwork from the terminal 100 that made the connection informationallocation request via the second gateway device 40 and through thebypassing relay device 50.

When a malfunction occurs in the second gateway device 40 or the like,the first gateway device 30 appropriately switches the data relay pathin accordance with an instruction from the terminal 10.

The second gateway device 40 functions as a P-GW (Packet Data NetworkGateway) and serves as a connection point to the external communicationnetwork 70. Upon receiving a connection information allocation request,for example, from the terminal 100, via the first gateway device 30, thesecond gateway device 40 requests that the authentication server 60authenticate the terminal 100. The authentication is a verification asto whether or not the terminal 100 may be connected to the externalcommunication network 70.

When the terminal 100 is authenticated as being connectable to theexternal communication network 70, the second gateway device 40allocates connection information to the terminal 100 and transmits theconnection information to the terminal 100 via the first gateway device30. Additionally, when the terminal 100 attempts to connect to theexternal communication network 70, the second gateway device 40 convertslocal IP addresses to global IP addresses (NAT (Network AddressTranslation)).

Normally, after an arbitrary terminal (e.g., the terminal 100) has beenauthenticated, the bypassing relay device 50 allows data communicationsbetween the terminal 10 and the external communication network 70 bybypassing the second gateway device 40. Specifically, for example, afterthe terminal 100 has been authenticated, the bypassing relay device 50relays data for the external communication network between the firstgateway device 30 and the external communication network 70.

Additionally, the bypassing relay device 50 can switch the data relaypath in accordance with instructions from the terminal 10 when amalfunction occurs in the second gateway device 40 or the like. Forexample, when the terminal 10, which is a substitute device for thesecond gateway device 40, requests authentication by the authenticationserver 60, the bypassing relay device 50 relays data relating toauthentication between the first gateway device 30 and the externalcommunication network 70.

In response to the request from the second gateway device 40, theauthentication server 60 authenticates whether or not, for example, theterminal 100 may be connected to the external communication network 70.The authentication server 60 also responds to authentication requestsfrom the terminal 10 when a malfunction occurs in the second gatewaydevice 40 and the terminal 10 performs substitute processes for thesecond gateway device 40.

The external communication network 70 provides IP services, which arecore services, to terminals (e.g., the terminal 100) which requestconnection.

FIG. 2 is a schematic block diagram illustrating the structure of aterminal according to one embodiment.

The terminal 10 comprises a CPU 11, a RAM 12, a ROM 13, a storage unit14, a communication control unit 15 and an input/output unit 16.

The CPU 11 is a computation control processor that executes prescribedprocesses in accordance with programs stored in the ROM 13. For example,the CPU 11 performs processes for carrying out data communications,instructing the first gateway device 30 or the bypassing relay device 50to switch the relay path, and exchanging information regarding terminalcapabilities with the other terminals 20 and 100. Additionally, the CPU11 also executes processing of selection of the most appropriateterminal as a substitute device for the second gateway device 40 or theauthentication server 60, and processing as a substitution device, basedon the remaining battery levels, the radio signal states and the like.

The RAM 12 loads data received from an external source and data readfrom the ROM 13 or the storage unit 14 and is used by the CPU 11 as awork area for the data. The ROM 13 stores initial data and programs andthe like for execution by the CPU 11.

The storage unit 14 stores databases, various parameters, applicationprograms, communication control programs for overall control, and thenewest conditions and the like for information used when serving as asubstitute device. The communication control unit 15 performs datacommunications with the first gateway device 30. The input/output unit16 is, for example, a so-called touch panel, a speaker, operationbuttons, an infrared communication unit or the like.

The communication system 1 formed as indicated above performs datacommunications in the following manner.

FIG. 3 is a diagram illustrating the flow of a communication procedureduring a normal situation in the communication system.

When the terminal 100 is newly incorporated into the communicationsystem 1 by turning on a power supply or the like, data communicationsare initiated in accordance with the following procedure.

The terminal 100 requests the second gateway device 40, via the firstgateway device 30, to allocate connection information (IP address, DNSaddress and the like) to the external communication network 70 (sessionSS1).

Upon receiving the connection information allocation request from theterminal 100, the second gateway device 40 starts communicating with theauthentication server 60 via the external communication network 70. Thesecond gateway device 40 confirms that the terminal 100 is a terminalthat may be connected to the external communication network 70 (sessionSS2).

Upon obtaining authentication indicating that the terminal 100 is aterminal that may be connected to the external communication network 70,the second gateway device 40 allocates, to the terminal 100, connectioninformation such as an IP address, a DNS address or the like to be usedwhen the terminal 100 connects to the external communication network 70.The second gateway device 40 notifies the terminal 100 of the allocatedIP address or the like via the first gateway device 30 (session SS3).

The terminal 100 uses the received IP address or the like to connect tothe external communication network 70 via the first gateway device 30,the second gateway device 40 and the bypassing relay device 50 (sessionSS4). As a result thereof, the terminal 10 is able to carry out datacommunications with the external communication network 70.

FIG. 4 is a diagram illustrating the flow of a communication procedurewhen a malfunction occurs in the second gateway device in thecommunication system.

The terminal 10 communicates with the second gateway device 40 via thefirst gateway device 30 and obtains the newest conditions forinformation used when executing substitution processes for the secondgateway device 40 (session SS11).

The terminal 10 confirms the normality, which indicates whether or notthe second gateway device 40 is operating normally, via the firstgateway device 30. Specifically, the terminal 10 sends a prescribedinquiry to the second gateway device 40 and confirms whether or not aresponse indicating normality is obtained.

When responses indicating normality stop being obtained from the secondgateway device 40 (session SS12), the terminal 10 determines that amalfunction has occurred in the second gateway device 40. Additionally,the terminal 10 exchanges information regarding terminal capabilitieswith plurality of terminals 20.

Specifically, the terminal 10 exchanges information regarding terminalcapabilities with the plurality of terminals 20 by using the H.245protocol for exchanging information regarding each others' terminalcapabilities. Additionally, the terminal 10 selects, from among theplurality of terminals 20 and the terminal 10, on the basis of theremaining battery levels, the radio signal states and the like, theterminal that is the most suitable for serving as a substitute devicefor the second gateway device 40 (session SS13). In the presentembodiment, the terminal 10 is selected as the substitute device for thesecond gateway device 40. There is no limitation to this example, and itis possible to select any of the terminals 20 as the substitute devicefor the second gateway device 40. When a terminal 20 is selected, theselected terminal 20 performs the same process as that performed by theterminal 10, described below.

The terminal 10 instructs the first gateway device 30 and the bypassingrelay device 50 to switch the relay path (session SS14).

Due to this instruction, the first gateway device 30 relays connectioninformation allocation requests and responses to said allocationrequests between the terminal (e.g., the terminal 100) that made theallocation request and the terminal 10, which is the substitute devicefor the second gateway device 40. Additionally, the first gateway device30 relays requests and confirmations, used for authenticating theterminal 100 that made the connection information allocation request,between the authentication server 60 and the terminal 10, which is thesubstitute device for the second gateway device 40. Furthermore, thefirst gateway device 30 relays data for the external communicationnetwork from the terminal 100 that made the allocation request, via theterminal 10 that is the substitute device for the second gateway device40, to the bypassing relay device 50.

The bypassing relay device 50, upon receiving the instruction to switchthe relay path from the terminal 10, relays not only data for theexternal communication network, but also requests and confirmations,used for authenticating the terminal 100 that made the allocationrequest, between the first gateway device 30 and the authenticationserver 60.

Furthermore, the terminal 10 confirms the normality of theauthentication server 60 (session SS15) via the first gateway device 30and the bypassing relay device 50. In this case, it will be assumed thatthe authentication server 60 is able to confirm normality.

As a result of the above-mentioned process, the terminal 100 is able tocarry out data communications in the following manner.

Upon being newly incorporated into the communication system 1, theterminal 100 issues, to the first gateway device 30, a request forallocation of connection information to the external communicationnetwork 70. The first gateway device 30 forwards the allocation requestfrom the terminal 100 to the terminal 10 functioning as the substitutedevice for the second gateway device 40 (session SS16). In other words,the first gateway device 30 transfers the allocation request from theterminal 100 to the terminal 10.

The terminal 10, serving as a substitute device for the second gatewaydevice 40, requests authentication from the authentication server 60 viathe first gateway device 30 and the bypassing relay device 50.Furthermore, the terminal 10 confirms that the terminal 100 is aterminal that can be connected to the external communication network 70(session SS17).

After the authentication process for the terminal 100, the terminal 10,serving as the substitute device for the second gateway device 40,allocates to the terminal 100 an IP address, a DNS address or the likefor use when the terminal 100 connects to the external communicationnetwork 70. The terminal 10 notifies the terminal 100 of said IP addressor the like via the first gateway device 30 (session SS18).

The terminal 100 uses the provided information such as the IP address toconnect to the external communication network 70 via the first gatewaydevice 30, the terminal 10, the first gateway device 30 and thebypassing relay device 50 (session SS19). In this case, the terminal 10functions as the substitute device for the second gateway device 40. Theterminal 10 may, for example, convert a local IP address from the firstgateway device 30 to a global IP address, and connect to the externalcommunication network 70, once again via the first gateway device 30.

Thus, according to the present embodiment, when a malfunction occurs inthe second gateway device 40 and an authentication request cannot bemade to the authentication server 60, the communication system 1 makesthe terminal 10 carry out substitute processing functions for the secondgateway device 40, and switches a relay path of the first gateway device30 and the bypassing relay device 50. As a result thereof, thecommunication system 1 is able to carry out an authentication process,even for the newly incorporated terminal 100. The terminal 100 is thenable to carry out data communications.

FIG. 5 is a diagram illustrating the flow of an operating procedure whena malfunction occurs in the second gateway device and the authenticationserver in the communication system. In sessions SS21 to SS24 in FIG. 5,the same processes as those in sessions SS11 to SS14 in FIG. 4 areperformed. Thus, the explanation will begin at session SS25.

The terminal 10 confirms the normality of the authentication server 60(session SS25) via the first gateway device 30 and the bypassing relaydevice 50. The terminal 10 sends inquiries to the authentication server60, and when a response indicating normality is not obtained from theauthentication server 60, the following process is carried out. As aresult thereof, the terminal 10 functions as a substitute device for theauthentication server 60.

The terminal 10 issues a relay path switching instruction to thebypassing relay device 50 (session SS26). Furthermore, the terminal 10collects authentication information from all of the terminals 20 and theterminal 10 (session SS27). The authentication information isinformation used for authentication.

As a result of the above-mentioned process, even when a malfunctionoccurs in the second gateway device 40 and the authentication server 60,the terminal 100 is able to carry out data communications in thefollowing manner.

Upon being newly incorporated into the communication system 1, theterminal 100 issues, to the first gateway device 30, a request forallocation of connection information to the external communicationnetwork 70. The first gateway device 30 forwards the allocation requestfrom the terminal 100 to the terminal 10 functioning as the substitutedevice for the second gateway device 40 and the authentication server 60(session SS28). In other words, the first gateway device 30 transfersthe allocation request from the terminal 100 to the terminal 10.

The terminal 10, serving as a substitute device for the authenticationserver 60, uses collected authentication information to confirm that theterminal 100 that made the allocation request is a terminal that can beconnected to the external communication network 70.

Furthermore, the terminal 10, serving as the substitute device for thesecond gateway device 40, allocates an IP address, a DNS address or thelike for use when the terminal 100 connects to the externalcommunication network 70. The terminal 10 notifies the terminal 100 ofsaid IP address or the like via the first gateway device 30 (sessionSS29).

The terminal 100 uses the allocated IP address or the like to connect tothe external communication network 70 via the first gateway device 30,the terminal 10, the first gateway device 30 and the bypassing relaydevice 50 (session SS30).

Thus, according to the present embodiment, when a malfunction occurs inthe second gateway device 40 and the authentication server 60, thecommunication system 1 makes the terminal 10 carry out substituteprocessing functions for the second gateway device 40 and theauthentication server 60. Additionally, the communication system 1switches the relay path of the first gateway device 30 and the bypassingrelay device 50. In this case, it is possible to carry out theauthentication process because the terminal 10 has collectedauthentication information from all of the terminals 20, 100 beforehand.As a result thereof, the communication system 1 is able to carry out anauthentication process for the newly incorporated terminal 100, and isthen able to carry out data communications.

FIG. 6 is a diagram illustrating the flow of an operating procedure inthe communication system when the second gateway device and theauthentication server have recovered.

The terminal 10 confirms the normality of each of the second gatewaydevice 40 and the authentication server 60 while functioning as asubstitute device for the second gateway device 40 and theauthentication server 60. Specifically, the terminal 10 sends inquiriesto the second gateway device 40 and the authentication server 60. Theterminal 10 periodically repeats the inquiries until responsesindicating normality are returned (sessions SS31 and SS32).

Upon receiving responses indicating normality from the second gatewaydevice 40 and the authentication server 60 (sessions SS33 and SS34), theterminal 10 performs the next process towards full recovery.

The terminal 10 notifies the second gateway device 40, via the firstgateway device 30, of information on the execution contents of secondgateway device 40 substitution processes. Thereafter, the terminal 10receives a reception notification from the second gateway device 40(session SS35).

Furthermore, the terminal 10 notifies the authentication server 60, viathe bypassing relay device 50, of the information on the executioncontents of authentication server 60 substitution processes (NAToperation, authentication operation or the like). Thereafter, theterminal 10 receives a reception notification from the authenticationserver 60 (session SS36).

The terminal 10, after confirming that the second gateway device 40 andthe authentication server 60 have recovered, cancels the switching ofthe relay path of the first gateway device 30 and the bypassing relaydevice 50 (sessions SS37 and SS38). As a result thereof, the firstgateway device 30 and the bypassing relay device 50 are switched so asto carry out normal data communications.

As a result of the above-described processes, the communication system 1returns to the state that it was in before the malfunctions occurred inthe second gateway device 40 and the authentication server 60.

Therefore, upon being newly incorporated into the communication system1, the terminal 100 requests allocation of connection information in thesame manner as in sessions SS1 to SS3 in FIG. 3, and thereafter,receives notification of the allocated connection information (sessionSS39). As a result thereof, the terminal 100 is able to carry out datacommunications with the external communication network 70.

Thus, according to the present embodiment, when the second gatewaydevice 40 and the authentication server 60 have recovered, the terminal10 notifies each of the second gateway device 40 and the authenticationserver 60 of information obtained as a result of executing thesubstitution process. Due thereto, the second gateway device 40 and theauthentication server 60 can take over the information that wasgenerated during the malfunction. As a result thereof, the communicationsystem 1 has no inconsistencies (contradictions) in the informationbefore and after recovery of the second gateway device 40 and theauthentication server 60, thereby allowing data communications to becontinued without being affected by the occurrence of the malfunctionand the recovery.

FIG. 7 is a diagram illustrating the flow of an operating procedure inthe communication system 1 when the authentication server recovers whilethe second gateway device is still in a malfunction state.

The terminal 10 sends inquiries to the second gateway device 40 and theauthentication server 60. The terminal 10 periodically repeats theinquiries until responses indicating normality are returned (sessionsSS41 and SS42).

In the example shown in FIG. 7, a response indicating normality is notreturned from the second gateway device 40 to the terminal 10 (sessionSS43), but a response indicating normality is returned from theauthentication server 60 (session SS44). In this case, the terminal 10performs the following process.

The terminal 10 notifies the authentication server 60 of information onthe execution contents of authentication server 60 substitutionprocesses, and thereafter receives a reception notification (sessionSS45).

After confirming the recovery of the authentication server 60, theterminal 10 stops functioning as a substitute device for theauthentication server 60. For this reason, when a connection informationallocation request is received via the first gateway device 30, theterminal 10 sends, via the first gateway device 30 and the bypassingrelay device 50, a request for the recovered authentication server 60 toperform the authentication.

As a result of the above-described processes, the communication system 1returns to the state in which there is a malfunction in only the secondgateway device 40.

Upon being newly incorporated into the communication system 1, theterminal 100 requests allocation of connection information in the samemanner as in sessions SS16 to SS18 in FIG. 4, and thereafter, receivesnotification of the allocated connection information (session SS46). Asa result thereof, the terminal 100 is able to carry out datacommunications with the external communication network 70.

Thus, according to the present embodiment, when the authenticationserver 60 has recovered, the terminal 10 notifies the authenticationserver 60 of information resulting from the execution of thesubstitution processes. Due thereto, the authentication server 60 cantake over the information during the malfunction. As a result thereof,the communication system 1 has no inconsistencies (contradictions) inthe information before and after recovery of the authentication server60, thereby allowing data communications to be continued without beingaffected by the occurrence of the malfunction and the recovery.

FIG. 8 is a diagram illustrating the flow of an operating procedure inthe communication system 1 when the second gateway device recovers whilethe authentication server is still in a malfunction state.

The terminal 10 sends inquiries to the second gateway device 40 and theauthentication server 60. The terminal 10 periodically repeats theinquiries until responses indicating normality are returned (sessionsSS51 and SS52).

In the example shown in FIG. 8, a response indicating normality isreturned from the second gateway device 40 to the terminal 10 (sessionSS43), but a response indicating normality is not returned from theauthentication server 60 (session SS54). In this case, the terminal 10performs the same process as that performed when malfunctions haveoccurred in the second gateway device 40 and the authentication server60.

In other words, when the terminal 100 is newly incorporated into thecommunication system 1, the same processes as those in sessions SS28 andSS29 in FIG. 5 are performed. The terminal 100 makes a connectioninformation allocation request, and thereafter receives a notificationof allocated connection information (session SS55), thereby making itpossible to carry out data communications with the externalcommunication network 70. Thus, even when the second gateway device 40has recovered, the terminal 10 performs substitute processing for thesecond gateway device 40 if the authentication server 60 is still in themalfunction state.

While an embodiment has been explained in detail by referring to thedrawings above, the specific configuration need not be limited to thatdescribed above, and it is possible to make various design modificationsand the like.

In the above-described embodiment, the terminal 10 functions as asubstitute device for the second gateway device 40 and theauthentication server 60, but it need not be limited in this manner. Forexample, if the terminal 10, while serving as a substitute device forthe authentication server 60, becomes unsuitable for serving as asubstitute device for the authentication device 60 due to a reason suchas reduced battery voltage, then another terminal 20 may serve as thesubstitute device for the authentication server 60 instead of theterminal 10. Additionally, it may be arranged, from the beginning, forthe terminal 10 to serve as a substitute device for the second gatewaydevice 40, and for a terminal 20 having the same structure as theterminal 10 to serve as a substitute device for the authenticationserver 60.

Additionally, while the terminal 10 requested authentication to theauthentication server 60, which is connected to the externalcommunication network 70, via the first gateway device 30 and thebypassing relay device 50 as a substitute process for the second gatewaydevice 40, the route need not be limited to the above. For example, theterminal 10 may request authentication to the authentication server 60connected to the external communication network 70 via the first gatewaydevice 30, the bypassing relay device 50, and further via anotherexternal communication network.

[Basic Structure]

FIG. 9 is a schematic block diagram illustrating the basic structure ofa terminal.

The terminal 10 comprises a CPU 11, a storage unit 14 and acommunication control unit 15.

The CPU 11 sends inquiries to the second gateway device 40 through thecommunication control unit 15, and determines whether or not the secondgateway device 40 is operating normally. When it is determined that thesecond gateway device 40 is not operating normally, the CPU 11 performsthe following process.

The CPU 11 acquires information regarding the terminal capability ofbeing able to execute substitute processes for the second gateway device40 from plurality of terminals, and stores the acquired data in thestorage unit 14. The CPU 11 selects a substitute communication terminalfor performing a substitute process for the second gateway device 40from among the plurality of communication terminals including theterminal 10.

When the terminal 10 is selected as the substitute communicationterminal, an instruction for the following process is issued to thefirst gateway device 30, which is the relay destination of data from theplurality of communication terminals. In other words, the CPU 11instructs the first gateway device 30 to serve as a relay for exchangingconnection information allocation requests and responses to saidallocation requests between the terminal 10 and a terminal (for example,the terminal 100) that has made an allocation request. Additionally, theCPU 11 instructs the first gateway device 30 to serve as a relay forsending data regarding authentication of the terminal 100 that made theallocation request between the terminal 10 and the authentication server60. Furthermore, the CPU 11 instructs the first gateway device 30 toserve as a relay for sending data for the external communication networkfrom the terminal 100 that made the allocation request to the externalcommunication network 70 via the terminal 10.

The CPU 11 instructs the bypassing relay device 50 to serve as a relaybetween the first gateway device 30 and the authentication server 60 fordata relating to authentication as well.

Therefore, even when a malfunction occurs in the second gateway device40 in the communication system 1, the terminal 10 can, as a substituteprocess for the second gateway device 40, request that theauthentication server 60 authenticate the terminal 100. Due thereto,even when a terminal 100 is newly incorporated into the communicationsystem 1, the terminal 100 is authenticated, so the terminal 100 cancarry out data communications.

INDUSTRIAL APPLICABILITY

According to at least one of the above-described embodiments, acommunication terminal is able to authenticate new terminals and carryout data communications even when a malfunction occurs and anauthentication device cannot perform authentication.

REFERENCE SIGNS LIST

-   1 Communication system-   10, 20, 100 Terminal-   11 CPU-   12 RAM-   13 ROM-   14 Storage unit-   16 Input/output unit-   30 First gateway device-   40 Second gateway device-   50 Bypassing relay device-   60 Authentication server-   70 External communication network

The invention claimed is:
 1. A communication terminal comprising: afirst normal operation determination unit configured to determinewhether or not an external communication network relay device, whichrequests an authentication device to authenticate communicationterminals, is operating normally; a terminal selection unit configuredto, when the first normal operation determination unit determines thatthe external communication network relay device is not operatingnormally, select, from among a plurality of communication terminalsincluding the own communication terminal, a substitute communicationterminal for executing a first substitute process for the externalcommunication network relay device; a first instruction unit configuredto, when the own communication terminal is selected as the substitutecommunication terminal, instruct an internal wireless communicationnetwork relay device, which is a relay destination for data from theplurality of communication terminals, to perform processes of relaying aconnection information allocation request from a requestingcommunication terminal and a response to the allocation request betweenthe requesting communication terminal and the own communicationterminal, relaying data relating to authentication of the requestingcommunication terminal between the own communication terminal and theauthentication device, and relaying data for the external communicationnetwork from the requesting communication terminal to the externalcommunication network via the own communication terminal; a secondinstruction unit configured to instruct a bypassing relay device thatrelays the data for the external communication network between theinternal wireless communication network relay device and the externalcommunication network to further perform a process of relaying the datarelating to authentication between the internal wireless communicationnetwork relay device and the authentication device; a first substituteprocessing unit configured to, when the connection informationallocation request is received from the requesting communicationterminal via the internal wireless communication network relay device,perform a first substitute process by requesting the authenticationdevice, via the external communication network, to authenticate therequesting communication terminal, allocating the connection informationto the requesting communication terminal that was authenticated by theauthentication device, and transmitting the allocated connectioninformation to the requesting communication terminal via the internalwireless communication network relay device; a second normal operationdetermination unit configured to determine, via the externalcommunication network, whether or not the authentication device isoperating normally; an authentication information collection unitconfigured to, when the second normal operation determination unitdetermines that the authentication device is not operating normally,collect authentication information used in the authentication from theplurality of communication terminals; a second substitute processingunit configured to, when the connection information allocation requestis received from the requesting communication terminal via the internalwireless communication network relay device, perform a second substituteprocess for the authentication device by authenticating the requestingcommunication terminal using the authentication information collected bythe authentication information collection unit; and a third substituteprocessing unit configured to perform the first substitute process byallocating the connection information to the requesting communicationterminal authenticated by the second substitute processing unit, andtransmitting the allocated connection information to the requestingcommunication terminal via the internal wireless communication networkrelay device.
 2. A communication terminal comprising: a first normaloperation determination unit configured to determine whether or not anexternal communication network relay device, which requests anauthentication device to authenticate communication terminals, isoperating normally; a terminal selection unit configured to, when thefirst normal operation determination unit determines that the externalcommunication network relay device is not operating normally, select,from among a plurality of communication terminals including the owncommunication terminal, a substitute communication terminal forexecuting a first substitute process for the external communicationnetwork relay device; a first instruction unit configured to, when theown communication terminal is selected as the substitute communicationterminal, instruct an internal wireless communication network relaydevice, which is a relay destination for data from the plurality ofcommunication terminals, to perform processes of relaying a connectioninformation allocation request from a requesting communication terminaland a response to the allocation request between the requestingcommunication terminal and the own communication terminal, relaying datarelating to authentication of the requesting communication terminalbetween the own communication terminal and the authentication device,and relaying data for the external communication network from therequesting communication terminal to the external communication networkvia the own communication terminal; a second instruction unit configuredto instruct a bypassing relay device that relays the data for theexternal communication network between the internal wirelesscommunication network relay device and the external communicationnetwork to further perform a process of relaying the data relating toauthentication between the internal wireless communication network relaydevice and the authentication device; a first substitute processing unitconfigured to, when the connection information allocation request isreceived from the requesting communication terminal via the internalwireless communication network relay device, perform a first substituteprocess by requesting the authentication device, via the externalcommunication network, to authenticate the requesting communicationterminal, allocating the connection information to the requestingcommunication terminal that was authenticated by the authenticationdevice, and transmitting the allocated connection information to therequesting communication terminal via the internal wirelesscommunication network relay device; a second normal operationdetermination unit configured to determine, via the externalcommunication network, whether or not the authentication device isoperating normally; an authentication information collection unitconfigured to, when the second normal operation determination unitdetermines that the authentication device is not operating normally,collect authentication information used in the authentication from theplurality of communication terminals; an execution result informationnotification unit configured to, when it is determined that the externalcommunication network relay device and the authentication device areoperating normally, notify the external communication network relaydevice of execution result information for the first substitute processand notify the authentication device of execution result information fora second substitute process that authenticates the requestingcommunication terminal using the authentication information collected bythe authentication information collection unit; a third instruction unitconfigured to instruct, to the internal wireless communication networkrelay device, to perform processes of relaying the connectioninformation allocation request from the requesting communicationterminal and the response to the allocation request between therequesting communication terminal and the external communication networkrelay device, and relaying data for the external communication networkfrom the requesting communication terminal to the external communicationnetwork via the external communication network relay device; and afourth instruction unit configured to instruct, to the bypassing relaydevice, to perform to stop the relaying the data relating toauthentication between the internal wireless communication network relaydevice and the authentication device.
 3. A communication terminalcomprising: a first normal operation determination unit configured todetermine whether or not an external communication network relay device,which requests an authentication device to authenticate communicationterminals, is operating normally; a terminal selection unit configuredto, when the first normal operation determination unit determines thatthe external communication network relay device is not operatingnormally, select, from among a plurality of communication terminalsincluding the own communication terminal, a substitute communicationterminal for executing a first substitute process for the externalcommunication network relay device; a first instruction unit configuredto, when the own communication terminal is selected as the substitutecommunication terminal, instruct an internal wireless communicationnetwork relay device, which is a relay destination for data from theplurality of communication terminals, to perform processes of relaying aconnection information allocation request from a requestingcommunication terminal and a response to the allocation request betweenthe requesting communication terminal and the own communicationterminal, relaying data relating to authentication of the requestingcommunication terminal between the own communication terminal and theauthentication device, and relaying data for the external communicationnetwork from the requesting communication terminal to the externalcommunication network via the own communication terminal; a secondinstruction unit configured to instruct a bypassing relay device thatrelays the data for the external communication network between theinternal wireless communication network relay device and the externalcommunication network to further perform a process of relaying the datarelating to authentication between the internal wireless communicationnetwork relay device and the authentication device; a first substituteprocessing unit configured to, when the connection informationallocation request is received from the requesting communicationterminal via the internal wireless communication network relay device,perform a first substitute process by requesting the authenticationdevice, via the external communication network, to authenticate therequesting communication terminal, allocating the connection informationto the requesting communication terminal that was authenticated by theauthentication device, and transmitting the allocated connectioninformation to the requesting communication terminal via the internalwireless communication network relay device; a second normal operationdetermination unit configured to determine, via the externalcommunication network, whether or not the authentication device isoperating normally; an authentication information collection unitconfigured to, when the second normal operation determination unitdetermines that the authentication device is not operating normally,collect authentication information used in the authentication from theplurality of communication terminals; an execution result informationnotification unit configured to, when it is determined that theauthentication device is operating normally, notify the authenticationdevice of execution result information for a second substitute processthat authenticates the requesting communication terminal using theauthentication information collected by the authentication informationcollection unit; and a fourth substitute processing unit configured to,when the connection information allocation request is received from therequesting communication terminal via the internal wirelesscommunication network relay device, perform the first substitute processby requesting the authentication device that received the notificationof the execution result information via the external communicationnetwork to authenticate the requesting communication terminal,allocating the connection information to the requesting communicationterminal that was authenticated by the authentication device, andtransmitting the allocated connection information to the requestingcommunication terminal via the internal wireless communication networkrelay device.
 4. A communication system comprising: a plurality ofcommunication terminals; an internal wireless communication networkrelay device, which is a relay destination for data from the pluralityof communication terminals; an external communication network relaydevice configured to, when a connection information allocation requestis received from a requesting communication terminal via the internalwireless communication network relay device, request an authenticationdevice to authenticate the requesting communication terminal, allocatethe connection information to the authenticated requesting communicationterminal, and transmit the allocated connection information to theauthenticated requesting communication terminal via the internalwireless communication network relay device; and a bypassing relaydevice configured to relay data for the external communication network,from the requesting communication terminal that used the allocatedconnection information, between the internal wireless communicationnetwork relay device and the external communication network; wherein atleast one of the plurality of communication terminals is a communicationterminal, and the communication terminal comprises: a first normaloperation determination unit configured to determine whether or not anexternal communication network relay device, which requests anauthentication device to authenticate communication terminals, isoperating normally; a terminal selection unit configured to, when thefirst normal operation determination unit determines that the externalcommunication network relay device is not operating normally, select,from among a plurality of communication terminals including the owncommunication terminal, a substitute communication terminal forexecuting a first substitute process for the external communicationnetwork relay device; a first instruction unit configured to, when theown communication terminal is selected as the substitute communicationterminal, instruct an internal wireless communication network relaydevice, which is a relay destination for data from the plurality ofcommunication terminals, to perform processes of relaying a connectioninformation allocation request from a requesting communication terminaland a response to the allocation request between the requestingcommunication terminal and the own communication terminal, relaying datarelating to authentication of the requesting communication terminalbetween the own communication terminal and the authentication device,and relaying data for the external communication network from therequesting communication terminal to the external communication networkvia the own communication terminal; and a second instruction unitconfigured to instruct a bypassing relay device that relays the data forthe external communication network between the internal wirelesscommunication network relay device and the external communicationnetwork to further perform a process of relaying the data relating toauthentication between the internal wireless communication network relaydevice and the authentication device.
 5. A communication terminalcontrol method comprising steps of: determining whether or not anexternal communication network relay device, which requests anauthentication device to authenticate communication terminals, isoperating normally; when it is determined that the externalcommunication network relay device is not operating normally, selecting,from among a plurality of communication terminals including a owncommunication terminal, a substitute communication terminal forexecuting a first substitute process for the external communicationnetwork relay device; when the own communication terminal is selected asthe substitute communication terminal, instructing an internal wirelesscommunication network relay device, which is a relay destination for theplurality of communication terminals, to perform processes of relaying aconnection information allocation request from a requestingcommunication terminal and a response to the allocation request betweenthe requesting communication terminal and the own communicationterminal, relaying data relating to authentication of the requestingcommunication terminal between the own communication terminal and theauthentication device, and relaying data for the external communicationnetwork from the requesting communication terminal to the externalcommunication network via the own communication terminal; instructing abypassing relay device that relays the data for the externalcommunication network between the internal wireless communicationnetwork relay device and the external communication network to furtherperform a process of relaying the data relating to authenticationbetween the internal wireless communication network relay device and theauthentication device; performing, when the connection informationallocation request is received from the requesting communicationterminal via the internal wireless communication network relay device, afirst substitute process by requesting the authentication device, viathe external communication network, to authenticate the requestingcommunication terminal, allocating the connection information to therequesting communication terminal that was authenticated by theauthentication device, and transmitting the allocated connectioninformation to the requesting communication terminal via the internalwireless communication network relay device; determining, via theexternal communication network, whether or not the authentication deviceis operating normally; collecting, when it is determined that theauthentication device is not operating normally, authenticationinformation used in the authentication from the plurality ofcommunication terminals; performing, when the connection informationallocation request is received from the requesting communicationterminal via the internal wireless communication network relay device, asecond substitute process for the authentication device byauthenticating the requesting communication terminal using the collectedauthentication information; and performing the first substitute processby allocating the connection information to the requesting communicationterminal authenticated in the second substitute process, andtransmitting the allocated connection information to the requestingcommunication terminal via the internal wireless communication networkrelay device.